Tag Archives: Cyber crime

Navy Warns Marines And Sailors Of “Card Cracking” Scam

Standard
(tuan_azizi/iStock/Getty Images Plus)

NAVY TIMES

The Naval Criminal Investigative Service is seeing an uptick in reports from sailors and Marines who have been duped in a card-cracking scam on social media — in some cases after being promised money as a gesture of gratitude for their military service.

____________________________________________________________________________

“The scammers are reaching out to service members through several different ways, NCIS warned.

In some cases, service members are receiving friend requests on Facebook from someone with mutual friends. The scammer then tells the service members they would like to offer them grant money to thank them for their service, or offer them money for their “debt relief.”

Another trend NCIS has witnessed is scammers connecting with service members on social media through either posts or messages, all under the guise of being a debt consolidator or business owner.

Regardless of initial contact, scammers then ask service members to share their bank login information, along with some of the security question prompts that appear on their online bank account.

“Victims have reported that after the money is deposited directly into their accounts, the scammer then asks the victim to send a portion of the money via wire or cash to a third party,” NCIS said in a recent news release.

“Victims then discover that loans have been opened in their name with the same financial institution. Any attempts to further contact the scammer are unsuccessful, leaving the victim to pay off the loan.”

These scams have resulted in “severe financial losses” for service members, NCIS said.

NCIS provided a series of recommendations to sailors, such as halting continued contact with the scammer, alerting their banks or financial institutions to lock accounts, and looking into a credit lock through credit bureaus like Equifax.

Likewise, NCIS recommended sailors inform their commands, the NCIS office, and also law enforcement authorities, and advised against sharing bank login details with anyone.

Although NCIS warned sailors last month to be aware of COVID-19-related schemes, the agency initially said it did not believe these card-cracking scams are connected to the pandemic because there had already been a rise in scams over the past year.

However, NCIS told Military Times it received an image Thursday afternoon of a scam circulating via email targeting Navy Federal Credit Union members that offered to assist them with $800 for COVID-19 relief. The email requested members to validate their Navy Federal customer data in order for the funds to clear.

“We urge the Department of the Navy family to remain vigilant of scams offering promises getting out of debt and making extra money, especially during this challenging time for our nation,” NCIS spokesman Jeff Houston said in an email to Military Times.

Service members have frequently fallen prey to scammers and lost millions of dollars as a result.

According to a December report analyzing data from the Federal Trade Commission and Better Business Bureau, active duty personnel and veterans from the Navy have been tied up in 143,718 scams totaling $62,542,897 since 2012. Those from the Marine Corps have also been involved in 57,204 scams totaling $24,976,528.”

https://www.navytimes.com/news/your-navy/2020/04/09/beware-of-thank-you-for-your-service-money-scams-ncis-warns-sailors-and-marines/

Spinning Up Telework Presents Procurement Challenges

Standard
Image: Eztalks.com

FCW

There’s good news and bad news for agencies looking to ramp up telework in the wake of the coronavirus pandemic, according to federal contracting experts.

The good news is federal acquisition contracts are set up for quick acquisition of essential telework equipment, such as laptops or tablets, said acquisition experts FCW spoke with. The bad news could be that online scammers are watching the expanding tele-workforce with great interest.

___________________________________________________________________________

“The emphasis on agency telework is growing, and although most agency employees are already assigned computers, there may be some hardware gaps to fill as workforces move to remote locations.

Federal governmentwide acquisition contracts, such as NASA’s Services for Enterprise-Wide Procurement, the General Services Administration’s ordering schedule and the National Institutes of Health Information Technology Acquisition and Assessment Center (NITAAC) are set up to help quickly fill laptops, tablets and other IT commodity orders, they said.

“In general, SEWP is an agile acquisition vehicle that allows for quick turn-around times for quotes and provides points of contacts for all contract holders to facilitate quick communications,” Joanne Woytek, SEWP manager told FCW. The GWAC, she said, has not seen any specific increase related to teleworking support, so far.

“For laptops, tablets, printers, agencies have purchase cards,” Alan Chvotkin, executive vice president and counsel for the Professional Services Council, told FCW. “Orders placed on SEWP and federal schedules can get responses within 24 hours,” he said, adding that speedier responses could pump up costs.

SEWP posted a warning on its webpage at the beginning of March saying delays in some order could result from stresses on the supply chain.

In an email to FCW on March 11, Woytek again noted that delivery of technology “is limited by the capacity of industry.” She said order delivery “is going to be on a case by case basis and greatly dependent on the complexity, configuration and size of an order.”

However, the demand for laptop and tablet computers from federal agencies during the next few weeks, probably won’t be too steep, said Roger Waldron, president of the Coalition for Government Procurement.

Agencies, however, should be working diligently to “level set” their computer and network needs for the coming weeks, as well as keep informed on their existing IT contracts and how to leverage GWACs, such as SEWP, to back fill last-minute IT and IT commodity needs.

Even though agencies will probably have the resources to get any necessary computers for new telecommuters, another acquisition expert said they face a sneaky obstacle — telework-savvy cyber adversaries.

Bad actors are on the lookout for new teleworkers, as those workers open up a vulnerability to protected networks, said Evan Wolff, a partner at Crowell & Moring, who co-chairs the firm’s Privacy & Cybersecurity Group and is a member its Government Contracts Group.

Targeted phishing emails and other cyber crime techniques could be a challenge for federal IT managers with increasing numbers of telecommuters, Wolff told FCW in an interview.

Federal IT managers, he said, may not have appropriately secure infrastructure in place to lock down all communications. Additionally, simple things, such as shared living space with non-government employee roommates, could also present issues, if the federal teleworker has a sensitive post, he said.

“We’re already seeing a focus on customized phishing” aimed at non-government telecommuters as the coronavirus spreads, said Wolff. That wave of targeted remote worker phishing email is probably coming to new federal telecommuters too.

“Bad actors understand a target’s leadership and the types of appropriate email” that could temp them into taking the bait, he said.”


Hacks Raise Fear Over National Security Agency (NSA) Hold on Cyberweapons

Standard

NSA Hacking Tools

Image  Patrick Semansky/Associated Press

“NEW YORK TIMES”

“The N.S.A. has kept quiet, not acknowledging its role in developing the weapons.

But the silence is wearing thin for victims of the assaults, as a series of escalating attacks using N.S.A. cyber weapons have hit hospitals, a nuclear site and American businesses.

Now there is growing concern that United States intelligence agencies have rushed to create digital weapons that they cannot keep safe from adversaries or disable once they fall into the wrong hands.

Twice in the past month, National Security Agency cyber weapons stolen from its arsenal have been turned against two very different partners of the United States — Britain and Ukraine.

On Wednesday, the calls for the agency to address its role in the latest attacks grew louder, as victims and technology companies cried foul. Representative Ted Lieu, a California Democrat and a former Air Force officer who serves on the House Judiciary and Foreign Affairs Committees, urged the N.S.A. to help stop the attacks and to stop hoarding knowledge of the computer vulnerabilities upon which these weapons rely.

In an email on Wednesday evening, Michael Anton, a spokesman for the National Security Council at the White House, noted that the government “employs a disciplined, high-level interagency decision-making process for disclosure of known vulnerabilities” in software, “unlike any other country in the world.”

Mr. Anton said the administration “is committed to responsibly balancing national security interests and public safety and security,” but declined to comment “on the origin of any of the code making up this malware.”

Beyond that, the government has blamed others. Two weeks ago, the United States — through the Department of Homeland Security — said it had evidence North Korea was responsible for a wave of attacks in May using ransomware called WannaCry that shut down hospitals, rail traffic and production lines. The attacks on Tuesday against targets in Ukraine, which spread worldwide, appeared more likely to be the work of Russian hackers, though no culprit has been formally identified.

In both cases, the attackers used hacking tools that exploited vulnerabilities in Microsoft software. The tools were stolen from the N.S.A., and a group called the Shadow Brokers made them public in April. The group first started offering N.S.A. weapons for sale in August, and recently even offered to provide N.S.A. exploits to paid monthly subscribers.

Though the identities of the Shadow Brokers remain a mystery, former intelligence officials say there is no question from where the weapons came: a unit deep within the agency that was until recently called “Tailored Access Operations.”

While the government has remained quiet, private industry has not. Brad Smith, the president of Microsoft, said outright that the National Security Agency was the source of the “vulnerabilities” now wreaking havoc and called on the agency to “consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits.”

For the American spy agency, which has invested billions of dollars developing an arsenal of weapons that have been used against the Iranian nuclear program, North Korea’s missile launches and Islamic State militants, what is unfolding across the world amounts to a digital nightmare. It was as if the Air Force lost some of its most sophisticated missiles and discovered an adversary was launching them against American allies — yet refused to respond, or even to acknowledge that the missiles were built for American use.

Officials fret that the potential damage from the Shadow Brokers leakscould go much further, and the agency’s own weaponry could be used to destroy critical infrastructure in allied nations or in the United States.

“Whether it’s North Korea, Russia, China, Iran or ISIS, almost all of the flash points out there now involve a cyber element,” Leon E. Panetta, the former defense secretary and Central Intelligence Agency chief said in a recent interview, before the weapons were turned against American interests.

“I’m not sure we understand the full capability of what can happen, that these sophisticated viruses can suddenly mutate into other areas you didn’t intend, more and more,” Mr. Panetta said. “That’s the threat we’re going to face in the near future.”

Using the remnants of American weapons is not entirely new. Elements of Stuxnet, the computer worm that disabled the centrifuges used in Iran’s nuclear weapons program seven years ago, have been incorporated in some attacks.

In the past two months, attackers have retrofitted the agency’s more recent weapons to steal credentials from American companies. Cybercriminals have used them to pilfer digital currency. North Korean hackers are believed to have used them to obtain badly needed currency from easy hacking targets like hospitals in England and manufacturing plants in Japan.

And on Tuesday, on the eve of Ukraine’s Constitution Day — which commemorates the country’s first constitution after breaking away from the Soviet Union — attackers used N.S.A.-developed techniques to freeze computers in Ukrainian hospitals, supermarkets, and even the systems for radiation monitoring at the old Chernobyl nuclear plant.

The so-called ransomware that gained the most attention in the Ukraine attack is believed to have been a smoke screen for a deeper assault aimed at destroying victims’ computers entirely. And while WannaCry had a kill switch that was used to contain it, the attackers hitting Ukraine made sure there was no such mechanism. They also ensured that their code could infect computers that had received software patches intended to protect them.

“You’re seeing a refinement of these capabilities, and it only heads in one direction,” said Robert Silvers, the former assistant secretary of cyber policy at the Department of Homeland Security, now a partner at the law firm Paul Hastings.

Though the original targets of Tuesday’s attacks appear to have been government agencies and businesses in Ukraine, the attacks inflicted enormous collateral damage, taking down some 2,000 global targets in more than 65 countries, including Merck, the American drug giant, Maersk, the Danish shipping company, and Rosneft, the Russian state owned energy giant. The attack so crippled operations at a subsidiary of Federal Express that trading had to be briefly halted for FedEx stock.

“When these viruses fall into the wrong hands, people can use them for financial gain, or whatever incentive they have — and the greatest fear is one of miscalculation, that something unintended can happen,” Mr. Panetta said.

Mr. Panetta was among the officials warning years ago of a “cyber Pearl Harbor” that could bring down the American power grid. But he and others never imagined that those same enemies might use the N.S.A.’s own cyberweapons.

For the past six years, government officials were comforted by the fact that their most fervent adversaries — North Korea, Iran, extremist groups — did not have the skills or digital tools to inflict major damage. The bigger cyberpowers, Russia and China in particular, seemed to exercise some restraint, though Russia’s meddling in the 2016 presidential election added a new, more subtle threa

But armed with the N.S.A.’s own tools, the limits are gone.“We now have actors, like North Korea and segments of the Islamic State, who have access to N.S.A. tools who don’t care about economic and other ties between nation states,” said Jon Wellinghoff, the former chairman of the Federal Energy Regulatory Commission.

So long as flaws in computer code exist to create openings for digital weapons and spy tools, security experts say, the N.S.A. is not likely to stop hoarding software vulnerabilities any time soon.”